Bruce Schneier

 

Blog

Crypto-Gram Newsletter

Books

Essays and Op Eds

News and Interviews

Audio and Video

Speaking Schedule

Password Safe

Cryptography

About Bruce Schneier

Contact Information

 

Schneier on Security

A blog covering security and security technology.

« New WWII Cryptanalysis | Main | New Vulnerability Against Industrial Control Systems »

November 5, 2012

New Jersey Allows Voting by E-Mail

I'm not filled with confidence, but this seems like the best of a bunch of bad alternatives.

EDITED TO ADD (11/6): Matt Blaze, Ed Felten, and Andrew Appel have a lot more to say about this.

Tags: , ,

Posted on November 5, 2012 at 2:54 PM20 Comments

To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.

Comments

JeremyNovember 5, 2012 3:09 PM

I was wondering how long it would take to see this posted here.

I sense an election similar to the one in 2000. http://en.wikipedia.org/wiki/...

curtmackNovember 5, 2012 3:26 PM

Something I've been thinking about in terms of electronic voting security: Is it possible to create a cryptosystem such that there is a fundamental, easily-identifiable distinction between "Nobody cast a vote today" and "I swallowed all of the votes?" I can't think of a way to do it, but I'm far from an expert.

NatanaelNovember 5, 2012 4:00 PM

My contribution:

http://www.reddit.com/r/crypto/comments/r003r/...

Secure Multiparty Computation is the base, using multiple organizations with strongly conflicting interests as the nodes (easiest way to guarantee no collusion/malicious cooperation).

The only major downside (for USA, that is, IMHO) is that we need to get secure public crypto keypairs to every voter in the country, which means distributing smart cards/ID cards in a secure manner to everybody. Considering the recent issues about requiring ID:s to vote hurting poor communities, well...

NickNovember 5, 2012 4:36 PM

End-to-End voting is the most secure and auditable form of e-voting. http://en.wikipedia.org/wiki/...

E2E systems often employ cryptographic methods to craft receipts that allow voters to verify that their votes were not modified, without revealing which candidates were voted for. As such, these systems are sometimes referred to as receipt-based systems.

ChristianONovember 5, 2012 4:58 PM

To the best of my knowlege on electronic voting: no there is nothing currently that would allow secure voting in any way.

The problem ist not just Cryptographic. Anything as complex as a modern computer will not be secure!

StephenNovember 5, 2012 5:30 PM

Meanwhile, the worst of all possible options is going down in Ohio.

http://www.salon.com/2012/11/05/...

The fix is on, folks.

SeanNovember 5, 2012 5:37 PM

Matt Blaze suggests numerous alternatives: http://www.crypto.com/blog/njvoting/

ElioNovember 5, 2012 5:46 PM

Email voting...president "3nlarg3 your p3n!s" wins the popular vote!

simoNovember 5, 2012 6:36 PM

This would be a better alternative:
https://helios-nj2012.herokuapp.com/helios/e/nj2012-demo
People can use it as a 'backup' voting system if they fear their emails will get lost, as the system can verify if you voted or not without exposing your actual vote.

Jordan BrownNovember 5, 2012 7:01 PM

I expected the punch line to be "Since this is a pilot program and there's a need to compare it to existing mechanisms, for this initial test only Democrats should use this new system; Republicans should go to their polling places as usual".

anonymbertNovember 5, 2012 8:10 PM

obligatory "Dilbert" reference:

http://www.hulu.com/watch/51160#i0,p25,d0

Season 02 Episode 17 "Ethics" (July 25, 2000)

"The company employees are forced to take ethical training classes, then Dilbert is made project lead for the National Internet Voting Network. An attractive female employee of a special-interest group attempts to seduce Dilbert, putting his ethical limitations to the test."

JoeNotCharlesNovember 5, 2012 11:48 PM

Note that this system was already in place for absentee ballots long before Sandy. (I'm not sure if it's new for this election or not, but my wife was given a fax/email option when she voted in September. She chose to mail it in the old fashioned way.)

The directive is not adding any new voting mechanisms, it's just saying that people in New Jersey are allowed to use the absentee voting mechanisms even if they're still in the state, as long as they're not actually living at home due to the hurricane.

ThomasNovember 6, 2012 12:12 AM

A few comments about how crypto-systems exist to allow anonymity, verification, etc. etc.

The problem with these systems is that they are much harder to understand than making a mark on a piece of paper with a pen and then counting bits of paper.

Democracy only works if people vote.
People won't bother to vote in a system they don't trust.
It's difficult to trust a system you can't understand.

We (Oz) have compulsory voting using paper and pencil. I prefer this over even the sexiest quantum-crypto-area-51-cipher-rot-13-encoded eVoting system.

It seems to me that the American system manages to hide the forest of democracy behind the trees of voting.
There is so much voting going on, for so many things, that elections are so complicated that they negate the very democracy they're supposed to ensure.

fusion November 6, 2012 1:33 AM

@Thomas
Concur - computer/cryptographic systems are not cuddly...and, besides, all such are susceptible to subversion by insiders...

@Simo
Another unfriendly thing about these systems...if it tells you your vote did not arrive or was not registered, what can you do about it?

So...Yes...hand count paper ballots...

Nick PNovember 6, 2012 3:09 AM

Similar topic

"What do you need to rig an election? A basic knowledge of electronics and $30 worth of RadioShack gear, professional hacker Roger Johnston reveals."

http://www.popsci.com/gadgets/article/2012-11/...

I believe the Argonne Lab security assessment people have been mentioned on this blog before. They're quite talented.

Clive RobinsonNovember 6, 2012 5:24 AM

@ anonymbert,

An attractive female employee of a special-interest group attempts to seduce Dilbert putting his ethical limitations to the test.

Yes in one strip Dilbert did plea bargin down to "sexualy interfering with office equipment" rather than go to jail for somethin he had not done....

Such is the ethics system in plea barganing...

phred14November 6, 2012 6:50 AM

Surprised this hasn't made it here, yet. The Ohio secretary of state has had an "experimental patch" installed on voting tabulators in some 39 counties, This is only days before the election, etc, etc, etc. Perhaps innocent, perhaps tightening security, improving reporting of results, etc. But the appearance is BAD, and at this juncture full disclosure should be necessary. There were many sources for the story, I figured Computerworld would be the most neutral for this.

https://www.computerworld.com/s/article/9233274/Update_Lawsuit_filed_in_Ohio_over_software_updates_to_vote_tabulation_machines

Jonathan KNovember 6, 2012 12:50 PM

Meanwhile we're getting 'interesting' glitches in the standard electronic voting systems:

http://www.youtube.com/watch?v=QdpGd74DrBM

Civil LibertarianNovember 6, 2012 1:58 PM

Oh, boy. An election day update:

Hotmail Takes on Election Duties as Servers in New Jersey Crash
www.wired.com/threatlevel/2012/11/new-jersey-email-fai

In an effort to accommodate voters displaced by Hurricane Sandy, New Jersey decided to allow voters this year to request ballots by e-mail and submit them via e-mail and fax.

But that solution has turned out to be a disaster after e-mail servers used to send and receive election ballots in at least two major counties got clogged or crashed on Tuesday under the weight of voter traffic.

At least one official in Essex County, which has 451,000 registered voters, decided to solve the problem by inviting voters to send their ballot request to his personal Hotmail e-mail address.

“Per Essex County Clerk Christopher J. Durkin: Displaced voters can email a request for a ballot at cj_durkin@hotmail.com...,” according to a post on the Facebook page for West Orange, NJ.

Not exactly a secure option, as security researcher Ashkan Soltani notes. Apparently Durkin uses his mother’s maiden name as the “password recovery” question for his account.

Post a comment




E-mail is optional and will not be displayed on the site.


Remember Me?


Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Powered by Movable Type. Photo at top by Geoffrey Stone.

Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.

 
Bruce Schneier
Subscribe
Atom Feed Facebook Twitter E-Mail Newsletter (Crypto-Gram)
Subscribe via Kindle
Blog Menu

Search

Powered by DuckDuckGo


blog only
essays and op eds only
whole site

Blog Home Page
100 Latest Comments

Archives by Date

2013 J F M A M
2012 J F M A M J J A S O N D
2011 J F M A M J J A S O N D
2010 J F M A M J J A S O N D
2009 J F M A M J J A S O N D
2008 J F M A M J J A S O N D
2007 J F M A M J J A S O N D
2006 J F M A M J J A S O N D
2005 J F M A M J J A S O N D
2004 J F M A M J J A S O N D

Tags

more tags

Support Bloggers' Rights!
Defend Privacy--Support Epic
Latest Book
Liars & Outliers
more books by Bruce Schneier